In March 2020, the Port of Marseilles suffered collateral damage from a ransomware attack (Mespinoza/Pysa), allegedly orchestrated by the hacker group Mespinoza. While the primary target was the broader Aix-Marseille-Provence Metropolis a regional administrative hub the attack disrupted interconnected maritime infrastructure due to shared IT systems. The ransomware encrypted critical data, crippling operational workflows and forcing partial shutdowns of port services.The incident highlighted vulnerabilities in interdependent municipal and industrial networks, where a breach in one sector (government/regional administration) cascaded into another (logistics/transport). Although no direct physical damage or data exfiltration of port-specific assets was confirmed, the attack halted cargo processing, delayed shipments, and strained supply chains, underscoring the fragility of smart port ecosystems. Recovery efforts required system isolation, data restoration from backups, and coordination with cybersecurity agencies, incurring financial losses from downtime, reputational harm, and emergency response costs. The attack also raised concerns about critical infrastructure resilience, as the port serves as a vital economic gateway for Southern Europe.
Source: https://www.idna.fr/2020/12/21/ransomware/
TPRM report: https://www.rankiteo.com/company/grand-port-maritime-de-marseille
"id": "gra441092125",
"linkid": "grand-port-maritime-de-marseille",
"type": "Ransomware",
"date": "3/2020",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'maritime/transportation',
'location': 'Marseille, France',
'name': 'Port of Marseilles',
'type': 'government/port authority'},
{'industry': 'public administration',
'location': 'Marseille, France',
'name': 'Aix-Marseille-Provence (metropolitan '
'authority)',
'type': 'government'}],
'data_breach': {'data_encryption': True},
'date_detected': '2020-03',
'description': 'In March 2020, the port of Marseilles was hit by a ransomware '
'attack (Mespinoza/Pysa), allegedly by hacker group Mespinoza. '
'Maritime infrastructures were not directly targeted but were '
'incidentally affected due to their interconnection with '
'information systems in Aix-Marseille-Provence, which was the '
'main target of the attack.',
'impact': {'systems_affected': ['maritime infrastructures (indirectly)',
'information systems in '
'Aix-Marseille-Provence (directly)']},
'ransomware': {'data_encryption': True,
'ransomware_strain': ['Mespinoza', 'Pysa']},
'threat_actor': 'Mespinoza',
'title': 'Ransomware Attack on the Port of Marseilles (Mespinoza/Pysa)',
'type': 'ransomware'}